Building on the launch of our Open Source Program Office (OSPO) and the firm's statement on supporting the Open Source Security Foundation (OpenSSF), Goldman Sachs participated in the Open Source Software Security Summit II on May 12-13 in Washington, D.C. The Summit, convened by OpenSSF and the Linux Foundation, took place on the one year anniversary of the White House Executive Order on Cybersecurity, and was organized to further coordinate public and private sector efforts to support the directives of that order. Specifically, the Summit brought together security executives from technology companies, government, and open source communities to announce and discuss the Open Source Software Security Mobilization Plan. The plan outlines 3 distinct goals and 10 work streams for achieving those goals:
The Summit provided an opportunity to engage directly with peers from Atlassian, Cisco, GitHub, Google, Intel, Microsoft, as well as other financial industry participants including Citi, Fidelity, JP Morgan Chase, and Morgan Stanley, to collaborate on priorities. As both a contributor and end user of open source software, Goldman Sachs is committed to collaborating on these collective efforts to improve and strengthen the OSS ecosystem. We will continue to work with peers on the work streams and identify ways to address supply chain security challenges.
See https://www.gs.com/disclaimer/global_email for important risk disclosures, conflicts of interest, and other terms and conditions relating to this blog and your reliance on information contained in it.